'[users@httpd] Re: Apache supports client initiated renegotiation'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       apache-httpd-users
Subject:    [users@httpd] Re: Apache supports client initiated renegotiation
From:       Hemant Chaudhary <hemantdude.chaudhary () gmail ! com>
Date:       2018-04-19 18:38:26
Message-ID: CAKcRo04ZL8xPTmeK8tavoGoaaknEm3BMuE-MUxbpQ_O1ZQ10fg () mail ! gmail ! com
[Download RAW message or body]

Hi All,

Any help on this issue.
 My openssl is sending Secure client initiated renegotiation but my apache
server is rejecting because it is client initiated. I checked custom log
and it shows my apache supports secure renegotiation.

Can somebody has tried secure  renegotiation in apache. How to enable
client initiated secure renegotiation ?

Thanks
Hemant

On Thu, Apr 19, 2018 at 3:03 PM, Hemant Chaudhary <
hemantdude.chaudhary@gmail.com> wrote:

> Hi Team,
>
> I tried to send request from openssl-1.0.2d to Apache server-2.4.25 for
> ssl renegotiation using command "openssl s_client -connect IP:PORT". I got
> error RENEGOTIATING
> 2283136:error:1409E0E5:SSL routines:ssl3_write_bytes:ssl handshake
> failure:s3_pkt.c:656. I checked in error log, error is [client
> 15.213.82.149:52145] AH02042: rejecting client initiated renegotiation.
>
> I got SSL_SECURE_RENEG true in my custom log, it means we are supporting
> Secure Renegotiation. But how should I enable client initiated ssl
> renegotiation ?
>
>
>
> Thanks
> Hemant
>

[Attachment #3 (text/html)]

<div dir="ltr">Hi All,<div><br></div><div>Any help on this issue.</div><div>  My \
openssl is sending Secure client initiated renegotiation but my apache server is \
rejecting because it is client initiated. I checked custom log and it shows my apache \
supports secure renegotiation.    </div><div>  </div><div>Can somebody has tried \
secure   renegotiation in apache. How to enable client initiated secure renegotiation \
?</div><div><br></div><div>Thanks</div><div>Hemant</div></div><div \
class="gmail_extra"><br><div class="gmail_quote">On Thu, Apr 19, 2018 at 3:03 PM, \
Hemant Chaudhary <span dir="ltr">&lt;<a href="mailto:hemantdude.chaudhary@gmail.com" \
target="_blank">hemantdude.chaudhary@gmail.com</a>&gt;</span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><div dir="ltr">Hi Team,<div><br></div><div>I tried to send \
request from openssl-1.0.2d to Apache server-2.4.25 for ssl renegotiation using \
command &quot;openssl s_client -connect IP:PORT&quot;. I got error \
RENEGOTIATING</div><div>2283136:error:1409E0E5:SSL routines:ssl3_write_bytes:ssl \
handshake failure:s3_pkt.c:656. I checked in error log, error is  [client <a \
href="http://15.213.82.149:52145" target="_blank">15.213.82.149:52145</a>] AH02042: \
rejecting client initiated renegotiation.  </div><div><br></div><div>I got  \
SSL_SECURE_RENEG true in my custom log, it means we are supporting Secure \
Renegotiation. But how should I enable client initiated ssl renegotiation \
?</div><div><br></div><div><br></div><div><br></div><div>Thanks</div><span \
class="HOEnZb"><font color="#888888"><div>Hemant</div></font></span></div> \
</blockquote></div><br></div>



[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic